[Apiman-user] Disable SSL/TLS for Oauth
Marc Savy
marc.savy at redhat.com
Fri May 13 07:05:17 EDT 2016
On 12 May 2016 at 22:30, Charles Moulliard <cmoullia at redhat.com> wrote:
> Can we disable SSL/TLS when we use Keycloak Oauth plugin to avoid this
> message ""OAuth2 token was transmitted without required transport security
> (TLS, SSL)." ?
Yes, you should be able to untick "require transport security" or edit
your policy's JSON config (see:
http://www.apiman.io/latest/user-guide.html#_oauth_policy_keycloak).
It's generally not a good idea to use OAuth2 without transport
security, however.
More information about the Apiman-user
mailing list